1. Field of the Invention
The present invention relates generally to network-based computer security and, more particularly, methods of and systems for authenticating a user of a device for computer network security.
2. Description of the Related Art
In some computer attacks, a device can be controlled by a person that is physically remote from the device. In such attacks, that person can use any of a number of Remote Desktop Protocols (RDPs) to control the device, even without physical possession of the device. However, that person may gain access to passwords and other authentication data stored on the device such that the person can spoof authentication of the legitimate user of the device and obtain services through the Internet that should not be authorized.
What is needed is a way to determine whether a person to be authenticated is in physical possession of the device carrying out the authentication session.